|
Full Disclosure
mailing list archives
Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability
From: ph0enix <ph0enix () justonemorething org>
Date: Thu, 19 May 2005 14:47:10 +0200
[..] And they run a lot of them. They're not likely to assume that
widgets can contain trojans or be cautious of what they download
like they are regular applications.
well, that is true. Because Dashboard widgets are looking 'cool and
sweet', most of the users will not realize that they could contain
arbitrary code and so some of them are easy victims. Dashboard is
really a cool thing, but Apple also opened Pandora's box with it.
www.osvdb.org -- everything is vulnerable.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Content detection in html payload with snort ?, (continued)
Message not available
Ports used by trogens Brian Phillips (May 21)
Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability Brian K. (May 18)
Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability Brian K. (May 19)
|
Intro
